Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
File:                     xAqOocjcM7gpD-vTTkU4vZWXROg.mft (raw, json)
Hash identifier:          4rNmyL+cyVdikqJsYio3FIQYLlcrnlZ5pln/fIk0eME=
Subject key identifier:   C0:DF:CF:8E:31:7E:39:1E:2A:29:19:E9:94:1C:8E:0A:CD:0E:F0:BB
Authority key identifier: C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8
Certificate issuer:       /CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
Certificate serial:       019CABDA021696FA932D4085923502EE4645
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
Manifest number:          17D6
Signing time:             Mon 02 Mar 2026 00:01:56 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:56 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:56 +0000
Files and hashes:         1: xAqOocjcM7gpD-vTTkU4vZWXROg.crl (hash: PRIA1YUd3fbR+rD5Ok97Fcf0wE/ITRvKQ0x6jKtzcQs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:da:02:16:96:fa:93:2d:40:85:92:35:02:ee:46:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
        Validity
            Not Before: Mar  2 00:01:56 2026 GMT
            Not After : Mar  3 00:01:56 2026 GMT
        Subject: CN=c0dfcf8e317e391e2a2919e9941c8e0acd0ef0bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:20:4a:46:95:27:c6:c0:42:78:4b:a2:1a:c2:
                    9e:13:c4:67:ef:af:62:4c:71:04:80:bb:66:65:fe:
                    49:29:94:4b:dd:2c:d1:17:e5:12:33:33:1d:98:51:
                    d0:1b:bf:62:e6:f3:59:c0:e7:1e:2f:24:a2:f5:ac:
                    60:b1:30:5c:01:f8:17:80:aa:dc:fd:01:7e:c5:9a:
                    ec:ff:e3:a7:43:57:e6:1e:54:8f:a7:01:63:a0:97:
                    6d:e9:f1:cf:a1:73:23:6c:32:6d:40:92:db:4d:ba:
                    55:a0:e8:1b:21:0e:46:86:91:f9:f0:62:0d:5e:49:
                    29:5f:8f:2d:a1:f4:49:d5:7d:96:a5:66:34:7c:cc:
                    a4:ca:00:72:0e:37:6c:ba:4e:90:63:e0:68:8e:56:
                    d5:7d:df:f4:6b:6b:01:01:c8:fb:06:01:0e:80:fc:
                    37:7a:c7:0d:a7:fe:d1:93:07:f6:d3:16:50:b4:2b:
                    fb:d7:46:bf:7b:18:c8:e1:d0:c3:82:ff:32:38:a1:
                    fb:5b:2a:f4:12:43:c9:b5:60:06:5d:f4:71:bc:00:
                    c1:19:7f:a8:0b:14:5a:7a:01:87:ea:57:34:13:68:
                    a3:6d:2b:e9:ca:05:27:ae:8a:81:ed:a2:56:4c:02:
                    10:ad:95:7a:07:62:55:8d:33:ad:d1:6b:ad:36:7b:
                    5a:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:DF:CF:8E:31:7E:39:1E:2A:29:19:E9:94:1C:8E:0A:CD:0E:F0:BB
            X509v3 Authority Key Identifier:
                keyid:C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:d5:c7:47:7c:b9:51:91:8b:82:c6:dc:59:be:54:35:1a:d5:
         60:69:09:89:d1:25:ed:29:ac:60:b2:50:1f:1e:fe:64:cb:c5:
         c4:0a:88:82:14:56:fb:bc:94:0a:68:09:31:8c:5a:b1:12:2b:
         c5:be:33:8d:6c:9d:47:7c:69:4a:0b:ea:13:9b:5c:8b:b6:88:
         d6:62:f8:8e:41:0d:81:3b:f5:69:18:3e:35:02:50:de:f3:f2:
         4b:82:6c:f4:66:2a:8c:d4:6f:df:e6:db:5c:18:54:ee:11:d4:
         3c:ff:d4:4e:99:c0:23:04:88:3a:ae:4d:66:5c:5b:bb:83:cb:
         22:b4:a3:14:70:e9:ff:c5:f4:6d:a9:48:2f:0b:9a:4c:b9:3a:
         94:a4:c6:63:77:12:c6:7b:dd:30:43:59:62:65:b5:9f:a3:cc:
         ef:f0:f9:0a:5e:ce:96:40:34:86:86:15:cf:52:db:9b:67:48:
         e8:cd:72:1c:2d:7f:f1:a5:c6:c2:e6:03:79:61:36:80:ba:9e:
         08:d6:78:82:e6:36:1a:c1:87:4b:09:fb:4e:f1:48:c6:6d:49:
         42:ec:3c:f3:b6:3f:56:ad:b6:1c:81:77:b4:4c:f3:a0:a4:d3:
         bd:c3:e0:77:2d:ba:ad:ed:1c:a8:75:18:52:62:ea:38:19:a6:
         49:b2:f4:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2gIWlvqTLUCFkjUC7kZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MGE4ZWExYzhkYzMzYjgyOTBmZWJkMzRlNDUzOGJkOTU5
NzQ0ZTgwHhcNMjYwMzAyMDAwMTU2WhcNMjYwMzAzMDAwMTU2WjAzMTEwLwYDVQQD
EyhjMGRmY2Y4ZTMxN2UzOTFlMmEyOTE5ZTk5NDFjOGUwYWNkMGVmMGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyBKRpUnxsBCeEuiGsKeE8Rn769i
THEEgLtmZf5JKZRL3SzRF+USMzMdmFHQG79i5vNZwOceLySi9axgsTBcAfgXgKrc
/QF+xZrs/+OnQ1fmHlSPpwFjoJdt6fHPoXMjbDJtQJLbTbpVoOgbIQ5GhpH58GIN
XkkpX48tofRJ1X2WpWY0fMykygByDjdsuk6QY+BojlbVfd/0a2sBAcj7BgEOgPw3
escNp/7Rkwf20xZQtCv710a/exjI4dDDgv8yOKH7Wyr0EkPJtWAGXfRxvADBGX+o
CxRaegGH6lc0E2ijbSvpygUnroqB7aJWTAIQrZV6B2JVjTOt0WutNntarQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMDfz44xfjkeKikZ6ZQcjgrNDvC7MB8GA1UdIwQY
MBaAFMQKjqHI3DO4KQ/r005FOL2Vl0ToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgt
ZTEzMTYwYWMzZTIzLzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgtZTEzMTYwYWMzZTIz
LzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL9XHR3y5
UZGLgsbcWb5UNRrVYGkJidEl7SmsYLJQHx7+ZMvFxAqIghRW+7yUCmgJMYxasRIr
xb4zjWydR3xpSgvqE5tci7aI1mL4jkENgTv1aRg+NQJQ3vPyS4Js9GYqjNRv3+bb
XBhU7hHUPP/UTpnAIwSIOq5NZlxbu4PLIrSjFHDp/8X0balILwuaTLk6lKTGY3cS
xnvdMENZYmW1n6PM7/D5Cl7OlkA0hoYVz1Lbm2dI6M1yHC1/8aXGwuYDeWE2gLqe
CNZ4guY2GsGHSwn7TvFIxm1JQuw887Y/Vq22HIF3tEzzoKTTvcPgdy26re0cqHUY
UmLqOBmmSbL0Pg==
-----END CERTIFICATE-----